| Commit message (Collapse) | Author | Age | Files | Lines |
The source PowerISA latex files have been updated:
- changed files layout;
- "cntlzw." got corrected.
The fixed ones are not used by syzkaller in macros so there should be
no huge change in behaviour, if any.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
The source PowerISA latex files have been updated so refresh the instruction
list. The fixed ones are not used by syzkaller in macros so there should be
no huge change in behaviour, if any.
While at it, simplify+comment the conversion script and fix handling of
privileged instructions, apparently a debug version of the conversion
script made it to the git repo.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
The PowerISA 3.1 architecture (POWER10 CPU) added a new "prefixed"
instruction format so from now on instructions are either 4 or 8 bytes
long.
This adds those new prefixed instructions to the fuzzer.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
The existing instruction list is generated by a script which parsed
the output of pdftotext which produced a less than perfect result.
There is an ongoing effort to have the instruction set specification in
a machine readable format (latex) which this uses to fix errors.
As the new spec is a newer PowerISA 3.1 (POWER10) which removed
transactional memory instructions and added some new instructions,
this change is reflected here.
This fixes randomization of paired parameters (pair of registers
for quadword instructions) to not generate odd (==incorrect) numbers.
This includes the new conversion script.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
Instruction descriptions use maps to describe instruction operands which
works fine but due to Go's unordered map implementation,
the determination test fails as per
https://github.com/google/syzkaller/issues/2790
Since there is no appalling reason why it should be a map, this converts
maps to slices.
As this changes every single instruction, use the opportunity and sort
the instructions by mnemonic to make further updates easier to follow.
Neither change should cause any change in behavior.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
There are only 2 instructions - tlbie and tlbiel (TLB invalidation) -
which are marked 64bit only and there is no obvious reason why they
would not work in the 32bit mode - they seem to work but even if they
did not, making a special case just for these two is overkill.
This ditches the M64 flag.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
The PowerISA pdf parser made several wrong assumptions about the format
("copy"/"paste."/...) and missed that some fields are split and have
reverse order ("rldicr" and similar). Another problem was with parsing
the 2 column page layout.
This changes the powerpc.Insn.Fields value type from a tuple to an array of
tuples and fixes encodeBits() accordingly.
This fixes powerisa30_to_syz to store all the bits and split "MB"/"ME"
in 2 halves sorted in the way encodeBits() loops.
This should not change the coverage dramatically but this improves
pseudo instructions as "rldicr" is used to preload registers although
no huge difference is expected there either as the problem was with the top
32bits and hypercall/rtastoken numbers are 16bit anyway.
While at it, this fixes powerisa30_to_syz to make "make generate" not
change insns.go. This also drops comments from the generated file as they are
proven to be useless and just increase the lengths of already long lines
(vim hates it).
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
This adds KVM's syz_kvm_setup_cpu pseudo syscall. This adds a placeholder
for options (none implemented yet).
This adds an instruction generator for ifuzz; this also adds a few pseudo
instructions to simulate super/hyper/ultracalls
(a PPC64/pseries platform thing).
The insns.go is generated from PowerISA_public.v3.0B.pdf [1] by
a horrendous python3 script on top of pdftotext. The ISA covers POWER9
which is the latest available POWER CPU at the moment. The next ISA
for POWER10 is quite different and we will deal with it later.
The // comment after every instruction is a fixed opcode list for
verification purposes.
This does not define DecodeExt as there is no obvious replacement for
the Intel XED library for POWERPC (gapstone-capstone, later, maybe).
[1] https://openpowerfoundation.org/?resource_lib=power-isa-version-3-0
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>